Bug 242561 - [TextureMapper] WebCore::MediaPlayerPrivateGStreamer Conditional jump or move depends on uninitialised value(s)
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Media
Version: WebKit Nightly Build
Hardware: PC Linux
Importance: P2 Normal
Assignee: Nobody
Keywords: InRadar
Reported: 2022-07-09 16:25 PDT by James Hilliard
Modified: 2022-07-12 15:08 PDT

Description James Hilliard 2022-07-09 16:25:58 PDT
Seeing this get flagged by valgrind when trying to load a camera via getUserMedia.

==195== Conditional jump or move depends on uninitialised value(s)
==195==    at 0x11429778: WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper(WebCore::TextureMapper&, WebCore::FloatRect const&, WebCore::TransformationMatrix const&, float) (TextureMapperPlatformLayerBuffer.cpp:112)
==195==    by 0x11403DDD: WebCore::TextureMapperLayer::paintSelf(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:202)
==195==    by 0x114042D4: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:255)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x114046C9: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:283)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x114046C9: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:283)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x114046C9: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:283)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x114046C9: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:283)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x114046C9: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:283)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x114046C9: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:283)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x114046C9: WebCore::TextureMapperLayer::paintSelfAndChildren(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:283)
==195==    by 0x114049D4: WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:319)
==195==    by 0x1140683D: WebCore::TextureMapperLayer::paintSelfChildrenReplicaFilterAndMask(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:563)
==195==    by 0x11406903: WebCore::TextureMapperLayer::paintRecursive(WebCore::TextureMapperPaintOptions&) (TextureMapperLayer.cpp:576)
==195==    by 0x11403586: WebCore::TextureMapperLayer::paint(WebCore::TextureMapper&) (TextureMapperLayer.cpp:145)
==195==    by 0xE6C2F6B: WebKit::CoordinatedGraphicsScene::paintToCurrentGLContext(WebCore::TransformationMatrix const&, WebCore::FloatRect const&, unsigned int) (CoordinatedGraphicsScene.cpp:78)
==195==    by 0xE6E47A2: WebKit::ThreadedCompositor::renderLayerTree() (ThreadedCompositor.cpp:240)
==195==    by 0xE6E3762: WebKit::ThreadedCompositor::ThreadedCompositor(WebKit::ThreadedCompositor::Client&, WebKit::ThreadedDisplayRefreshMonitor::Client&, unsigned int, WebCore::IntSize const&, float, unsigned int)::{lambda()#1}::operator()() const (ThreadedCompositor.cpp:58)
==195==    by 0xE6E83FD: WTF::Detail::CallableWrapper<WebKit::ThreadedCompositor::ThreadedCompositor(WebKit::ThreadedCompositor::Client&, WebKit::ThreadedDisplayRefreshMonitor::Client&, unsigned int, WebCore::IntSize const&, float, unsigned int)::{lambda()#1}, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0xE6C660B: WebKit::CompositingRunLoop::updateTimerFired() (CompositingRunLoop.cpp:188)
==195==    by 0xE6E33EF: void std::__invoke_impl<void, void (WebKit::CompositingRunLoop::*&)(), WebKit::CompositingRunLoop*&>(std::__invoke_memfun_deref, void (WebKit::CompositingRunLoop::*&)(), WebKit::CompositingRunLoop*&) (invoke.h:74)
==195==    by 0xE6E3368: std::__invoke_result<void (WebKit::CompositingRunLoop::*&)(), WebKit::CompositingRunLoop*&>::type std::__invoke<void (WebKit::CompositingRunLoop::*&)(), WebKit::CompositingRunLoop*&>(void (WebKit::CompositingRunLoop::*&)(), WebKit::CompositingRunLoop*&) (invoke.h:96)
==195==    by 0xE6E32DE: void std::_Bind<void (WebKit::CompositingRunLoop::*(WebKit::CompositingRunLoop*))()>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) (functional:420)
==195==    by 0xE6E3270: void std::_Bind<void (WebKit::CompositingRunLoop::*(WebKit::CompositingRunLoop*))()>::operator()<, void>() (functional:503)
==195==    by 0xE6E3219: WTF::Detail::CallableWrapper<std::_Bind<void (WebKit::CompositingRunLoop::*(WebKit::CompositingRunLoop*))()>, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0xE6E3239: WTF::RunLoop::Timer<WebKit::CompositingRunLoop>::fired() (RunLoop.h:188)
==195==    by 0x1108296A: WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::operator()(void*) const (RunLoopGLib.cpp:177)
==195==    by 0x110829AA: WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) (RunLoopGLib.cpp:181)
==195==    by 0x11081EBC: WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::operator()(_GSource*, int (*)(void*), void*) const (RunLoopGLib.cpp:53)
==195==    by 0x11081F0A: WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) (RunLoopGLib.cpp:56)
==195==    by 0x15FB8293: g_main_dispatch (gmain.c:3381)
==195==    by 0x15FB8293: g_main_context_dispatch (gmain.c:4099)
==195==    by 0x15FB8637: g_main_context_iterate.constprop.0 (gmain.c:4175)
==195==    by 0x15FB8942: g_main_loop_run (gmain.c:4373)
==195==    by 0x11082575: WTF::RunLoop::run() (RunLoopGLib.cpp:108)
==195==    by 0xE6C5CB2: WebKit::createRunLoop()::{lambda()#1}::operator()() const (CompositingRunLoop.cpp:49)
==195==    by 0xE6CADE5: WTF::Detail::CallableWrapper<WebKit::createRunLoop()::{lambda()#1}, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0x10FDF034: WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) (Threading.cpp:236)
==195==    by 0x1108F1BC: WTF::wtfThreadEntryPoint(void*) (ThreadingPOSIX.cpp:242)
==195==    by 0x18A463B9: start_thread (pthread_create.c:481)
==195==    by 0x16782952: clone (clone.S:95)
==195==  Uninitialised value was created by a heap allocation
==195==    at 0x4840899: malloc (vg_replace_malloc.c:381)
==195==    by 0x10F92F47: WTF::fastMalloc(unsigned long) (FastMalloc.cpp:232)
==195==    by 0x112E0165: WebCore::MediaPlayerPrivateGStreamer::operator new(unsigned long) (MediaPlayerPrivateGStreamer.h:128)
==195==    by 0x112E5BB3: std::_MakeUniq<WebCore::MediaPlayerPrivateGStreamer>::__single_object std::make_unique<WebCore::MediaPlayerPrivateGStreamer, WebCore::MediaPlayer*&>(WebCore::MediaPlayer*&) (unique_ptr.h:962)
==195==    by 0x112E24B9: decltype(auto) WTF::makeUnique<WebCore::MediaPlayerPrivateGStreamer, WebCore::MediaPlayer*&>(WebCore::MediaPlayer*&) (StdLibExtras.h:540)
==195==    by 0x112E2509: WebCore::MediaPlayerFactoryGStreamer::createMediaEnginePlayer(WebCore::MediaPlayer*) const (MediaPlayerPrivateGStreamer.cpp:288)
==195==    by 0x149351A3: WebCore::MediaPlayer::loadWithNextMediaEngine(WebCore::MediaPlayerFactory const*) (MediaPlayer.cpp:625)
==195==    by 0x14934C7E: WebCore::MediaPlayer::load(WebCore::MediaStreamPrivate&) (MediaPlayer.cpp:549)
==195==    by 0x13D5FCA5: WebCore::HTMLMediaElement::loadResource(WTF::URL const&, WebCore::ContentType&, WTF::String const&) (HTMLMediaElement.cpp:1599)
==195==    by 0x13D5E9CE: WebCore::HTMLMediaElement::selectMediaResource()::{lambda()#1}::operator()() const (HTMLMediaElement.cpp:1413)
==195==    by 0x13D91E1B: WTF::Detail::CallableWrapper<WebCore::HTMLMediaElement::selectMediaResource()::{lambda()#1}, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0x1322C265: WTF::CancellableTask::operator()() (CancellableTask.h:86)
==195==    by 0x13D95F3B: WebCore::ActiveDOMObject::queueCancellableTaskKeepingObjectAlive<WebCore::HTMLMediaElement>(WebCore::HTMLMediaElement&, WebCore::TaskSource, WTF::TaskCancellationGroup&, WTF::Function<void ()>&&)::{lambda()#1}::operator()() (ActiveDOMObject.h:119)
==195==    by 0x13DC54ED: WTF::Detail::CallableWrapper<WebCore::ActiveDOMObject::queueCancellableTaskKeepingObjectAlive<WebCore::HTMLMediaElement>(WebCore::HTMLMediaElement&, WebCore::TaskSource, WTF::TaskCancellationGroup&, WTF::Function<void ()>&&)::{lambda()#1}, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0x139FB2B1: WebCore::EventLoopFunctionDispatchTask::execute() (EventLoop.cpp:159)
==195==    by 0x139F0D50: WebCore::EventLoop::run() (EventLoop.cpp:123)
==195==    by 0x13B2815F: WebCore::WindowEventLoop::didReachTimeToRun() (WindowEventLoop.cpp:121)
==195==    by 0x13B3D6FD: void std::__invoke_impl<void, void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&>(std::__invoke_memfun_deref, void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&) (invoke.h:74)
==195==    by 0x13B3D668: std::__invoke_result<void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&>::type std::__invoke<void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&>(void (WebCore::WindowEventLoop::*&)(), WebCore::WindowEventLoop*&) (invoke.h:96)
==195==    by 0x13B3D5DE: void std::_Bind<void (WebCore::WindowEventLoop::*(WebCore::WindowEventLoop*))()>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) (functional:420)
==195==    by 0x13B3D570: void std::_Bind<void (WebCore::WindowEventLoop::*(WebCore::WindowEventLoop*))()>::operator()<, void>() (functional:503)
==195==    by 0x13B3D539: WTF::Detail::CallableWrapper<std::_Bind<void (WebCore::WindowEventLoop::*(WebCore::WindowEventLoop*))()>, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0xE2769FD: WebCore::Timer::fired() (Timer.h:135)
==195==    by 0x1474B909: WebCore::ThreadTimers::sharedTimerFiredInternal() (ThreadTimers.cpp:127)
==195==    by 0x1474B1FE: WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::{lambda()#1}::operator()() const (ThreadTimers.cpp:67)
==195==    by 0x1474E321: WTF::Detail::CallableWrapper<WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::{lambda()#1}, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0x146FE25D: WebCore::MainThreadSharedTimer::fired() (MainThreadSharedTimer.cpp:83)
==195==    by 0x14708DE9: void std::__invoke_impl<void, void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>(std::__invoke_memfun_deref, void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&) (invoke.h:74)
==195==    by 0x14708D62: std::__invoke_result<void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>::type std::__invoke<void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>(void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&) (invoke.h:96)
==195==    by 0x14708CD8: void std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) (functional:420)
==195==    by 0x14708C6A: void std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>::operator()<, void>() (functional:503)
==195==    by 0x14708C13: WTF::Detail::CallableWrapper<std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>, void>::call() (Function.h:53)
==195==    by 0xD9D7F1C: WTF::Function<void ()>::operator()() const (Function.h:82)
==195==    by 0x14708C33: WTF::RunLoop::Timer<WebCore::MainThreadSharedTimer>::fired() (RunLoop.h:188)
==195==    by 0x1108296A: WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::operator()(void*) const (RunLoopGLib.cpp:177)
==195==    by 0x110829AA: WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) (RunLoopGLib.cpp:181)
==195==    by 0x11081EBC: WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::operator()(_GSource*, int (*)(void*), void*) const (RunLoopGLib.cpp:53)
==195==    by 0x11081F0A: WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) (RunLoopGLib.cpp:56)
==195==    by 0x15FB8293: g_main_dispatch (gmain.c:3381)
==195==    by 0x15FB8293: g_main_context_dispatch (gmain.c:4099)
==195==    by 0x15FB8637: g_main_context_iterate.constprop.0 (gmain.c:4175)
==195==    by 0x15FB8942: g_main_loop_run (gmain.c:4373)
==195==    by 0x11082575: WTF::RunLoop::run() (RunLoopGLib.cpp:108)
==195==    by 0xF024098: WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run(int, char**) (AuxiliaryProcessMain.h:70)
==195==    by 0xF02174A: int WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainWPE>(int, char**) (AuxiliaryProcessMain.h:96)
==195==    by 0xF01DCA2: WebKit::WebProcessMain(int, char**) (WebProcessMainWPE.cpp:75)
==195==    by 0x109918: main (WebProcessMain.cpp:31)
==195==
Comment 1 James Hilliard 2022-07-10 13:35:46 PDT
Pull request: https://github.com/WebKit/WebKit/pull/2279
Comment 2 EWS 2022-07-12 15:07:08 PDT
Committed 252393@main (7a8322c16369): <https://commits.webkit.org/252393@main>

Reviewed commits have been landed. Closing PR #2279 and removing active labels.
Comment 3 Radar WebKit Bug Importer 2022-07-12 15:08:17 PDT
<rdar://problem/96912916>